diff --git a/.github/workflows/spec.yml b/.github/workflows/spec.yml index 2f6aa536..6c1ae10d 100644 --- a/.github/workflows/spec.yml +++ b/.github/workflows/spec.yml @@ -54,10 +54,10 @@ jobs: buildevents step $TRACE_ID $STEP_ID $STEP_START 'Setup Environment' echo STEP_ID=Setup-Acceptance-Test-Matrix >> $GITHUB_ENV echo STEP_START=$(date +%s) >> $GITHUB_ENV -# - name: Run Static & Syntax Tests -# if: ${{ github.repository_owner == 'puppetlabs' }} -# run: | -# buildevents cmd $TRACE_ID $STEP_ID 'static_syntax_checks' -- bundle exec rake syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop + - name: Run Static & Syntax Tests + if: ${{ github.repository_owner == 'puppetlabs' }} + run: | + buildevents cmd $TRACE_ID $STEP_ID 'static_syntax_checks' -- bundle exec rake syntax lint metadata_lint check:symlinks check:git_ignore check:dot_underscore check:test_file rubocop - name: Setup Spec Test Matrix id: get-matrix diff --git a/.puppet-lint.rc b/.puppet-lint.rc index cc96ece0..7370adee 100644 --- a/.puppet-lint.rc +++ b/.puppet-lint.rc @@ -1 +1,4 @@ --relative +--no-parameter_types-check +--no-params_empty_string_assignment-check +--no-unquoted_string_in_selector-check diff --git a/.sync.yml b/.sync.yml index ec056c83..ef0d174c 100644 --- a/.sync.yml +++ b/.sync.yml @@ -31,3 +31,8 @@ spec/spec_helper.rb: unmanaged: false .travis.yml: delete: true +Rakefile: + extra_disabled_lint_checks: + - parameter_types + - params_empty_string_assignment + - unquoted_string_in_selector diff --git a/Rakefile b/Rakefile index 0f8754eb..f128fece 100644 --- a/Rakefile +++ b/Rakefile @@ -42,6 +42,9 @@ def changelog_future_release end PuppetLint.configuration.send('disable_relative') +PuppetLint.configuration.send('disable_parameter_types') +PuppetLint.configuration.send('disable_params_empty_string_assignment') +PuppetLint.configuration.send('disable_unquoted_string_in_selector') if Bundler.rubygems.find_name('github_changelog_generator').any? diff --git a/examples/database_full.pp b/examples/database_full.pp index 8a49b040..4a21d0d3 100644 --- a/examples/database_full.pp +++ b/examples/database_full.pp @@ -1,8 +1,8 @@ -sqlserver::config{ 'MSSQLSERVER': +sqlserver::config { 'MSSQLSERVER': admin_user => 'sa', admin_pass => 'Pupp3t1@', } -sqlserver::database{ 'testdb_full': +sqlserver::database { 'testdb_full': instance => 'MSSQLSERVER', containment => 'PARTIAL', compatibility => 110, diff --git a/examples/init.pp b/examples/init.pp index 5d284f1a..bb6e51fd 100644 --- a/examples/init.pp +++ b/examples/init.pp @@ -12,7 +12,7 @@ $sapwd = 'Pupp3t1@' $instance_name = 'MSSQLSERVER' -sqlserver_instance{ $instance_name: +sqlserver_instance { $instance_name: source => 'E:/', security_mode => 'SQL', sa_pwd => $sapwd, @@ -20,13 +20,13 @@ sql_sysadmin_accounts => ['vagrant'], } -sqlserver::config{ 'MSSQLSERVER': +sqlserver::config { 'MSSQLSERVER': admin_user => 'sa', admin_pass => 'Pupp3t1@', require => Mssql_instance[$instance_name], } -sqlserver::login{ 'padmin': +sqlserver::login { 'padmin': password => 'PadminP@ssw0rd1', instance => $instance_name, } diff --git a/examples/sp_configure.pp b/examples/sp_configure.pp index 3d5b45f6..434b04e8 100644 --- a/examples/sp_configure.pp +++ b/examples/sp_configure.pp @@ -1,14 +1,14 @@ -sqlserver::config{ 'MSSQLSERVER': +sqlserver::config { 'MSSQLSERVER': admin_user => 'sa', admin_pass => 'Pupp3t1@', require => Mssql_instance[$instance_name], } #Enable Filestream access on server -sqlserver::sp_configure{ 'filestream access level': +sqlserver::sp_configure { 'filestream access level': value => 1, } #Enable Partial Contained databases on server -sqlserver::sp_configure{ 'contained database authentication': +sqlserver::sp_configure { 'contained database authentication': value => 1, reconfigure => true, with_override => false, diff --git a/lib/puppet_x/sqlserver/features.rb b/lib/puppet_x/sqlserver/features.rb index 532957e3..7a1cdae2 100644 --- a/lib/puppet_x/sqlserver/features.rb +++ b/lib/puppet_x/sqlserver/features.rb @@ -103,12 +103,10 @@ def self.get_reg_instance_info(friendly_version) def self.get_sql_reg_key_features(key_name, reg_key_feat_hash, instance_name) installed = reg_key_feat_hash.select do |subkey, _feat_name| - begin - open(HKLM, "#{key_name}\\#{subkey}", KEY_READ | KEY64) do |feat_key| - get_reg_key_val(feat_key, instance_name, Win32::Registry::REG_SZ) - end - rescue Puppet::Util::Windows::Error + open(HKLM, "#{key_name}\\#{subkey}", KEY_READ | KEY64) do |feat_key| + get_reg_key_val(feat_key, instance_name, Win32::Registry::REG_SZ) end + rescue Puppet::Util::Windows::Error end installed.values diff --git a/manifests/config.pp b/manifests/config.pp index 3cd7c1f6..bc8053fd 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -22,8 +22,8 @@ # } # define sqlserver::config ( - Optional[Variant[Sensitive[String], String]] $admin_user = '', - Optional[Variant[Sensitive[String], String]] $admin_pass = '', + Variant[Sensitive[String], String] $admin_user = '', + Variant[Sensitive[String], String] $admin_pass = '', Enum['SQL_LOGIN', 'WINDOWS_LOGIN'] $admin_login_type = 'SQL_LOGIN', String[1,16] $instance_name = $title, ) { diff --git a/manifests/database.pp b/manifests/database.pp index 43c91b2b..bb175364 100644 --- a/manifests/database.pp +++ b/manifests/database.pp @@ -127,7 +127,7 @@ Integer[1753, 9999] $two_digit_year_cutoff = 2049, Enum['ON', 'OFF'] $db_chaining = 'OFF', Enum['ON', 'OFF'] $trustworthy = 'OFF', -){ +) { ## # validate max size # Specifies that the file grows until the disk is full. In SQL Server, a log file specified with unlimited growth has diff --git a/manifests/login.pp b/manifests/login.pp index cf7bd3d3..ad77e9e1 100644 --- a/manifests/login.pp +++ b/manifests/login.pp @@ -57,15 +57,14 @@ Enum['SQL_LOGIN', 'WINDOWS_LOGIN'] $login_type = 'SQL_LOGIN', Enum['present', 'absent'] $ensure = 'present', Optional[Variant[Sensitive[String], String]] $password = undef, - Optional[Hash] $svrroles = { }, + Hash $svrroles = {}, String $default_database = 'master', String $default_language = 'us_english', Boolean $check_expiration = false, Boolean $check_policy = true, Boolean $disabled = false, - Optional[Hash] $permissions = { }, + Hash $permissions = {}, ) { - sqlserver_validate_instance_name($instance) if $check_expiration and !$check_policy { @@ -77,42 +76,42 @@ absent => 'delete', } - sqlserver_tsql{ "login-${instance}-${login}": + sqlserver_tsql { "login-${instance}-${login}": instance => $instance, command => template("sqlserver/${_create_delete}/login.sql.erb"), onlyif => template('sqlserver/query/login_exists.sql.erb'), - require => Sqlserver::Config[$instance] + require => Sqlserver::Config[$instance], } if $ensure == present { $_upermissions = sqlserver_upcase($permissions) sqlserver_validate_hash_uniq_values($_upermissions, "Duplicate permissions found for sqlserver::login[${title}]") - Sqlserver::Login::Permissions{ + Sqlserver::Login::Permissions { login => $login, instance => $instance, - require => Sqlserver_tsql["login-${instance}-${login}"] + require => Sqlserver_tsql["login-${instance}-${login}"], } if has_key($_upermissions, 'GRANT') and is_array($_upermissions['GRANT']) { - sqlserver::login::permissions{ "Sqlserver::Login[${title}]-GRANT-${login}": + sqlserver::login::permissions { "Sqlserver::Login[${title}]-GRANT-${login}": state => 'GRANT', permissions => $_upermissions['GRANT'], } } if has_key($_upermissions, 'DENY') and is_array($_upermissions['DENY']) { - sqlserver::login::permissions{ "Sqlserver::Login[${title}]-DENY-${login}": + sqlserver::login::permissions { "Sqlserver::Login[${title}]-DENY-${login}": state => 'DENY', permissions => $_upermissions['DENY'], } } if has_key($_upermissions, 'REVOKE') and is_array($_upermissions['REVOKE']) { - sqlserver::login::permissions{ "Sqlserver::Login[${title}]-REVOKE-${login}": + sqlserver::login::permissions { "Sqlserver::Login[${title}]-REVOKE-${login}": state => 'REVOKE', permissions => $_upermissions['REVOKE'], } } if has_key($_upermissions, 'GRANT_WITH_OPTION') and is_array($_upermissions['GRANT_WITH_OPTION']) { - sqlserver::login::permissions{ "Sqlserver::Login[${title}]-GRANT-WITH_GRANT_OPTION-${login}": + sqlserver::login::permissions { "Sqlserver::Login[${title}]-GRANT-WITH_GRANT_OPTION-${login}": state => 'GRANT', with_grant_option => true, permissions => $_upermissions['GRANT_WITH_OPTION'], diff --git a/manifests/login/permissions.pp b/manifests/login/permissions.pp index e24f61ec..6249a9c5 100644 --- a/manifests/login/permissions.pp +++ b/manifests/login/permissions.pp @@ -27,9 +27,9 @@ String[1,128] $login, Array[String[4,128]] $permissions, Pattern[/(?i)^(GRANT|REVOKE|DENY)$/] $state = 'GRANT', - Optional[Boolean] $with_grant_option = false, - String[1,16] $instance = 'MSSQLSERVER', -){ + Boolean $with_grant_option = false, + String[1,16] $instance = 'MSSQLSERVER', +) { sqlserver_validate_instance_name($instance) $_state = upcase($state) @@ -38,7 +38,7 @@ true => '-WITH_GRANT_OPTION', default => '' } - sqlserver_tsql{ "login-permission-${instance}-${login}-${_state}${_grant_option}": + sqlserver_tsql { "login-permission-${instance}-${login}-${_state}${_grant_option}": instance => $instance, command => template('sqlserver/create/login/permission.sql.erb'), onlyif => template('sqlserver/query/login/permission_exists.sql.erb'), diff --git a/manifests/role.pp b/manifests/role.pp index d40abe69..2e324558 100644 --- a/manifests/role.pp +++ b/manifests/role.pp @@ -35,17 +35,17 @@ # @param members_purge # Whether we should purge any members not listed in the members parameter. Default: false ## -define sqlserver::role( - String[1,128] $role = $title, - String[1,16] $instance = 'MSSQLSERVER', +define sqlserver::role ( + String[1,128] $role = $title, + String[1,16] $instance = 'MSSQLSERVER', Enum['present', 'absent'] $ensure = 'present', - Optional[String] $authorization = undef, - Enum['SERVER', 'DATABASE'] $type = 'SERVER', - String[1,128] $database = 'master', - Optional[Hash] $permissions = { }, - Array[String] $members = [], - Boolean $members_purge = false, -){ + Optional[String] $authorization = undef, + Enum['SERVER', 'DATABASE'] $type = 'SERVER', + String[1,128] $database = 'master', + Hash $permissions = {}, + Array[String] $members = [], + Boolean $members_purge = false, +) { sqlserver_validate_instance_name($instance) if $type == 'SERVER' and $database != 'master' { @@ -63,7 +63,7 @@ # users. see MODULES-3355 $sqlserver_tsql_title = "role-${instance}-${database}-${role}" - sqlserver_tsql{ $sqlserver_tsql_title: + sqlserver_tsql { $sqlserver_tsql_title: command => template("sqlserver/${_create_delete}/role.sql.erb"), onlyif => template('sqlserver/query/role_exists.sql.erb'), instance => $instance, @@ -72,33 +72,33 @@ if $ensure == present { $_upermissions = sqlserver_upcase($permissions) - Sqlserver::Role::Permissions{ + Sqlserver::Role::Permissions { role => $role, instance => $instance, database => $database, type => $type, - require => Sqlserver_tsql[$sqlserver_tsql_title] + require => Sqlserver_tsql[$sqlserver_tsql_title], } if has_key($_upermissions, 'GRANT') and is_array($_upermissions['GRANT']) { - sqlserver::role::permissions{ "Sqlserver::Role[${title}]-GRANT-${role}": + sqlserver::role::permissions { "Sqlserver::Role[${title}]-GRANT-${role}": state => 'GRANT', permissions => $_upermissions['GRANT'], } } if has_key($_upermissions, 'DENY') and is_array($_upermissions['DENY']) { - sqlserver::role::permissions{ "Sqlserver::Role[${title}]-DENY-${role}": + sqlserver::role::permissions { "Sqlserver::Role[${title}]-DENY-${role}": state => 'DENY', permissions => $_upermissions['DENY'], } } if has_key($_upermissions, 'REVOKE') and is_array($_upermissions['REVOKE']) { - sqlserver::role::permissions{ "Sqlserver::Role[${title}]-REVOKE-${role}": + sqlserver::role::permissions { "Sqlserver::Role[${title}]-REVOKE-${role}": state => 'REVOKE', permissions => $_upermissions['REVOKE'], } } if has_key($_upermissions, 'GRANT_WITH_OPTION') and is_array($_upermissions['GRANT_WITH_OPTION']) { - sqlserver::role::permissions{ "Sqlserver::Role[${title}]-GRANT-WITH_GRANT_OPTION-${role}": + sqlserver::role::permissions { "Sqlserver::Role[${title}]-GRANT-WITH_GRANT_OPTION-${role}": state => 'GRANT', with_grant_option => true, permissions => $_upermissions['GRANT_WITH_OPTION'], @@ -106,7 +106,7 @@ } if size($members) > 0 or $members_purge == true { - sqlserver_tsql{ "${sqlserver_tsql_title}-members": + sqlserver_tsql { "${sqlserver_tsql_title}-members": command => template('sqlserver/create/role/members.sql.erb'), onlyif => template('sqlserver/query/role/member_exists.sql.erb'), instance => $instance, diff --git a/manifests/role/permissions.pp b/manifests/role/permissions.pp index 0791ad27..684e7812 100644 --- a/manifests/role/permissions.pp +++ b/manifests/role/permissions.pp @@ -34,14 +34,14 @@ String[1,128] $role, Array[String[4,128]] $permissions, Pattern[/(?i)^(GRANT|REVOKE|DENY)$/] $state = 'GRANT', - Optional[Boolean] $with_grant_option = false, - Enum['SERVER','DATABASE'] $type = 'SERVER', - String[1,128] $database = 'master', - String[1,16] $instance = 'MSSQLSERVER', -){ + Boolean $with_grant_option = false, + Enum['SERVER','DATABASE'] $type = 'SERVER', + String[1,128] $database = 'master', + String[1,16] $instance = 'MSSQLSERVER', +) { if size($permissions) < 1 { warning("Received an empty set of permissions for ${title}, no further action will be taken") - } else{ + } else { sqlserver_validate_instance_name($instance) $_state = upcase($state) @@ -52,11 +52,10 @@ ## # Parameters required in template are _state, role, _upermissions, database, type, with_grant_option ## - sqlserver_tsql{ "role-permissions-${role}-${_state}${_grant_option}-${instance}-${database}": + sqlserver_tsql { "role-permissions-${role}-${_state}${_grant_option}-${instance}-${database}": instance => $instance, command => template('sqlserver/create/role/permissions.sql.erb'), onlyif => template('sqlserver/query/role/permission_exists.sql.erb'), } } - } diff --git a/manifests/sp_configure.pp b/manifests/sp_configure.pp index dae1bd9d..35783333 100644 --- a/manifests/sp_configure.pp +++ b/manifests/sp_configure.pp @@ -32,7 +32,7 @@ Boolean $reconfigure = true, Boolean $with_override = false, Boolean $restart = false, -){ +) { sqlserver_validate_instance_name($instance) $service_name = $instance ? { @@ -44,14 +44,14 @@ Sqlserver_tsql["sp_configure-${instance}-${config_name}"] ~> Exec["restart-service-${service_name}-${config_name}"] } - sqlserver_tsql{ "sp_configure-${instance}-${config_name}": + sqlserver_tsql { "sp_configure-${instance}-${config_name}": instance => $instance, command => template('sqlserver/create/sp_configure.sql.erb'), onlyif => template('sqlserver/query/sp_configure.sql.erb'), - require => Sqlserver::Config[$instance] + require => Sqlserver::Config[$instance], } - exec{"restart-service-${service_name}-${config_name}": + exec { "restart-service-${service_name}-${config_name}": command => template('sqlserver/restart_service.ps1.erb'), provider => powershell, logoutput => true, diff --git a/manifests/user.pp b/manifests/user.pp index 011761a0..bdfd7db8 100644 --- a/manifests/user.pp +++ b/manifests/user.pp @@ -45,15 +45,14 @@ String[1,16] $instance = 'MSSQLSERVER', Optional[String[1]] $login = undef, Optional[String[1,128]] $password = undef, - Optional[Hash] $permissions = { }, -) -{ + Hash $permissions = {}, +) { sqlserver_validate_instance_name($instance) $is_windows_user = sqlserver_is_domain_or_local_user($login) if $password { - if $is_windows_user and $login != undef{ + if $is_windows_user and $login != undef { fail('Can not provide password when using a Windows Login') } } @@ -63,43 +62,43 @@ absent => 'delete', } - sqlserver_tsql{ "user-${instance}-${database}-${user}": + sqlserver_tsql { "user-${instance}-${database}-${user}": instance => $instance, command => template("sqlserver/${create_delete}/user.sql.erb"), onlyif => template('sqlserver/query/user_exists.sql.erb'), - require => Sqlserver::Config[$instance] + require => Sqlserver::Config[$instance], } if $ensure == present { $_upermissions = sqlserver_upcase($permissions) sqlserver_validate_hash_uniq_values($_upermissions, "Duplicate permissions found for sqlserver::user[${title}]") - Sqlserver::User::Permissions{ + Sqlserver::User::Permissions { user => $user, database => $database, instance => $instance, - require => Sqlserver_tsql["user-${instance}-${database}-${user}"] + require => Sqlserver_tsql["user-${instance}-${database}-${user}"], } if has_key($_upermissions, 'GRANT') and is_array($_upermissions['GRANT']) { - sqlserver::user::permissions{ "Sqlserver::User[${title}]-GRANT-${user}": + sqlserver::user::permissions { "Sqlserver::User[${title}]-GRANT-${user}": state => 'GRANT', permissions => $_upermissions['GRANT'], } } if has_key($_upermissions, 'DENY') and is_array($_upermissions['DENY']) { - sqlserver::user::permissions{ "Sqlserver::User[${title}]-DENY-${user}": + sqlserver::user::permissions { "Sqlserver::User[${title}]-DENY-${user}": state => 'DENY', permissions => $_upermissions['DENY'], } } if has_key($_upermissions, 'REVOKE') and is_array($_upermissions['REVOKE']) { - sqlserver::user::permissions{ "Sqlserver::User[${title}]-REVOKE-${user}": + sqlserver::user::permissions { "Sqlserver::User[${title}]-REVOKE-${user}": state => 'REVOKE', permissions => $_upermissions['REVOKE'], } } if has_key($_upermissions, 'GRANT_WITH_OPTION') and is_array($_upermissions['GRANT_WITH_OPTION']) { - sqlserver::user::permissions{ "Sqlserver::User[${title}]-GRANT-WITH_GRANT_OPTION-${user}": + sqlserver::user::permissions { "Sqlserver::User[${title}]-GRANT-WITH_GRANT_OPTION-${user}": state => 'GRANT', with_grant_option => true, permissions => $_upermissions['GRANT_WITH_OPTION'], diff --git a/manifests/user/permissions.pp b/manifests/user/permissions.pp index 3571fc2c..be107b2a 100644 --- a/manifests/user/permissions.pp +++ b/manifests/user/permissions.pp @@ -31,9 +31,9 @@ Array[String[4,128]] $permissions, String[1,128] $database = 'master', Pattern[/(?i)^(GRANT|REVOKE|DENY)$/] $state = 'GRANT', - Optional[Boolean] $with_grant_option = false, + Boolean $with_grant_option = false, String[1,16] $instance = 'MSSQLSERVER', -){ +) { sqlserver_validate_instance_name($instance) $_state = upcase($state) @@ -45,7 +45,7 @@ true => '-WITH_GRANT_OPTION', default => '' } - sqlserver_tsql{ + sqlserver_tsql { "user-permissions-${instance}-${database}-${user}-${_state}${_grant_option}": instance => $instance, command => template('sqlserver/create/user/permission.sql.erb'), diff --git a/metadata.json b/metadata.json index df3bd91d..6e1fa081 100644 --- a/metadata.json +++ b/metadata.json @@ -48,7 +48,7 @@ "tsql", "database" ], - "pdk-version": "2.3.0", + "pdk-version": "2.4.0", "template-url": "https://github.com/puppetlabs/pdk-templates.git#main", - "template-ref": "heads/main-0-gf3911d3" + "template-ref": "2.5.0-0-g806810b" }